Free Tool

Security.txt Generator

Generate an RFC 9116 security.txt file so researchers know exactly how to report vulnerabilities responsibly.

Already have one? Check it here

Configure your Security.txt

How to Use Security.txt

1

Add contact details

List an email or URL where security researchers can reach you.

2

Download or copy

Copy the generated content or download it as security.txt.

3

Upload to your server

Place the file at yourdomain.com/.well-known/security.txt

4

Verify with the checker

Use our Security.txt Checker to confirm the file is accessible and correctly formatted.

Where to place security.txt

RFC 9116 requires the file at /.well-known/security.txt. You may also redirect /security.txt to that location.